Post by: Lilith on October 19, 2006, 06:21:06 PM
This is my log from HijackThis
Logfile of HijackThis v1.99.1
Scan saved at 4:10:35 PM, on 10/19/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
C:\Program Files\HP DVD\Umbrella\DVDTray.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Common Files\{D0CE1CEE-0710-1033-0225-050504190001}\Update.exe
C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\STARTUP\TASKMGR.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PCCTLCOM.EXE
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\WINDOWS\system32\UStorSrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Athena\Desktop\virus removal\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/...rch/search.html (http://\"http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr6/*http://www.yahoo.com/ext/search/search.html\")
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com (http://\"http://red.clientapps.yahoo.com/customize/ie/defaults/sp/ymsgr6/*http://www.yahoo.com\")
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gaiaonline.com/forum/viewtopic....&t=17035871 (http://\"http://www.gaiaonline.com/forum/viewtopic.php?page=9288&t=17035871\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com (http://\"http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr6/*http://www.yahoo.com\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/...rch/search.html (http://\"http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr6/*http://www.yahoo.com/ext/search/search.html\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com (http://\"http://red.clientapps.yahoo.com/customize/ie/defaults/sp/ymsgr6/*http://www.yahoo.com\")
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.eyeseek.com/firstsite.asp?b= (http://\"http://www.eyeseek.com/firstsite.asp?b=\")
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.eyeseek.com/firstsite.asp?b= (http://\"http://www.eyeseek.com/firstsite.asp?b=\")
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com (http://\"http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr6/*http://www.yahoo.com\")
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Trend Micro Antifraud Toolbar - {06647158-359E-4D10-A8DE-E6145DA90BE9} - C:\PROGRA~1\TRENDM~1\INTERN~1\PccIeBar.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\PROGRA~1\RXTOOL~1\sfcont.dll (file missing)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O2 - BHO: Glwcick Class - {BDF4E4DF-B6BB-4ECE-8CD9-1880DEC7B82F} - C:\WINDOWS\system32\lqe2z.dll (file missing)
O2 - BHO: PrintViewBHO Class - {D4E0C464-30CE-4075-9A10-71FD106C2847} - C:\PROGRA~1\PRINTV~1\PRINTH~1.DLL (file missing)
O3 - Toolbar: Trend Micro Antifraud Toolbar - {871F91FD-3A92-4988-A842-16AB2CFF5AF1} - C:\PROGRA~1\TRENDM~1\INTERN~1\PccIeBar.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [DVDTray] "C:\Program Files\HP DVD\Umbrella\DVDTray.exe"
O4 - HKLM\..\Run: [DVDBitSet] "C:\Program Files\HP DVD\Umbrella\DVDBitSet.exe" /NOUI
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\RunServices: [p2p networking] p2pnetworking.exe
O4 - HKLM\..\RunOnce: [D7vydvBD] cmd /c IF EXIST "C:\WINDOWS\system32\lkyaekrrr.exe" del /s /q "C:\WINDOWS\system32\lkyaekrrr.exe"
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: taskmgr.exe
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Athena\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/MediaAcc...bridge-c420.cab (http://\"http://static.windupdates.com/cab/MediaAccess/ie/bridge-c420.cab\")
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://nprotect1.gravity.co.kr/nprotect/npx.cab (http://\"http://nprotect1.gravity.co.kr/nprotect/npx.cab\")
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - http://nprotect1.gravity.co.kr/nprotect/nPKeyCrypt/npkcx.cab (http://\"http://nprotect1.gravity.co.kr/nprotect/nPKeyCrypt/npkcx.cab\")
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter: text/html - {8660A526-27A4-4FBD-85B2-857E82A25971} - C:\WINDOWS\system32\lqe2z.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe
Post by: guestolo on October 19, 2006, 07:16:20 PM
Can you do the following please
==Download and save [color=\"red\"]Brute Force Uninstaller[/color] (http://\"http://www.merijn.org/files/bfu.zip\")[/b] to the desktop
- Right click the BFU folder on your desktop, and choose Extract All
- Click "Next"
- In the box to choose where to extract the files to, click "Browse"
- Click on the + sign next to "My Computer"
- Click on "Local Disk (C:) or whatever your primary drive is
- Click "Make New Folder"
- Type in BFU
- Click "Next", and Uncheck the "Show Extracted Files" box and then click "Finish".
Save it then transfer to the
same folder you made earlier (c:\BFU).
==Download this file - Combofix.exe (http://\"http://download.bleepingcomputer.com/sUBs/combofix.exe\") and save it too desktop
Don't run this yet
==Go to Start > My Computer and navigate to the C:\BFU folder.
- Start the Brute Force Uninstaller by doubleclicking BFU.exe
- Next to the scriptline to execute field click the folder icon (http://metallica.geekstogo.com/foldericon.png) >and select alcanshorty.bfu
- Press Execute and let it do it's job. (You ought to see a progress bar if you did this correctly.)
- Wait for the complete script execution box to pop up and press OK.
- Press exit to terminate the BFU program.
When finished, it shall produce a log for you.
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall
Can you post the log from combofix as well as a fresh hijackthis log please
Post by: Lilith on October 19, 2006, 08:16:29 PM
Athena - 06-10-19 18:10:18.89 Service Pack 2
ComboFix 06.10.19 - Running from: "C:\Documents and Settings\Athena\Desktop"
(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\Program Files\Common Files\Yazzle1122OinAdmin.exe
C:\Program Files\Common Files\Yazzle1122OinUninstaller.exe
C:\Program Files\Common Files\{30CE1CEE-0710-1033-0225-050504190001}
C:\Program Files\Common Files\{D0CE1CEE-0710-1033-0225-050504190001}
((((((((((((((((((((((((((((((( Files Created from 2006-09-19 to 2006-10-19 ))))))))))))))))))))))))))))))))))
2006-10-19 11:36 45,056 --a------ C:\WINDOWS\system32uaw5wah6a.exe
2006-10-19 11:36 28,672 --a------ C:\WINDOWS\system32drei.exe
2006-10-19 11:36 28,672 --a------ C:\WINDOWS\system32\lkyaekrrr.exe
2006-10-19 11:36 28,672 --a------ C:\WINDOWS\system32\drei.exe
2006-10-19 11:36 24,576 --a------ C:\WINDOWS\system32vypqj.exe
2006-10-19 11:36 24,576 --a------ C:\WINDOWS\system32\vypqj.exe
2006-10-19 09:46 192 --a------ C:\WINDOWS\system32\ggg.bat
2006-10-19 09:45 24,576 --a------ C:\WINDOWS\system32\dr.exe
2006-10-19 09:45 20,480 --a------ C:\WINDOWS\system32\setup9X.exe
2006-10-19 09:45 115,947 --a------ C:\WINDOWS\system32\install.exe
2006-10-18 20:03 147,456 --a------ C:\WINDOWS\system32\vbzip10.dll
2006-09-22 21:52 323,584 --a------ C:\WINDOWS\system32\essentialtoolkit.dll
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-10-19 18:11 -------- d-------- C:\Program Files\Common Files
2006-10-19 16:10 -------- d-------- C:\Program Files\Mozilla Firefox
2006-10-19 16:02 -------- d-------- C:\Program Files\Yahoo!
2006-10-18 23:42 -------- d-------- C:\Documents and Settings\Athena\Application Data\IMVU
2006-10-09 23:16 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-10-09 23:16 -------- d-------- C:\Program Files\GALA-NET
2006-10-09 23:16 -------- d-------- C:\Program Files\Common Files\InstallShield
2006-10-09 20:34 462072 --a------ C:\Documents and Settings\Athena\Application Data\GDIPFONTCACHEV1.DAT
2006-10-07 17:09 -------- d-------- C:\Program Files\IMVU
2006-10-06 23:10 -------- d-------- C:\Program Files\Common Files\DAZ
2006-10-06 12:33 -------- d-------- C:\Documents and Settings\Athena\Application Data\BitTorrent
2006-10-05 13:51 43520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2006-10-05 08:52 -------- d-------- C:\Program Files\Curious Labs
2006-10-05 00:09 -------- d-------- C:\Program Files\MythWar_en
2006-10-04 09:30 -------- d-------- C:\Program Files\Common Files\Microsoft Shared
2006-10-04 09:26 -------- d-------- C:\Program Files\OfficeUpdate11
2006-10-02 13:49 -------- d-------- C:\Program Files\Common Files\LightScribe
2006-10-02 13:48 -------- d-------- C:\Program Files\LightScribe
2006-10-01 23:46 -------- d-------- C:\Documents and Settings\Athena\Application Data\SecondLife
2006-10-01 23:33 -------- d-------- C:\Program Files\SecondLife
2006-10-01 09:08 -------- d-------- C:\Program Files\BitTorrent
2006-10-01 09:01 -------- d---s---- C:\Documents and Settings\Athena\Application Data\Microsoft
2006-10-01 08:14 -------- d-------- C:\Program Files\Microsoft Visual Studio
2006-10-01 08:14 -------- d-------- C:\Program Files\Microsoft ActiveSync
2006-10-01 08:14 -------- d-------- C:\Program Files\Common Files\Designer
2006-10-01 08:13 -------- d-------- C:\Program Files\Microsoft Office
2006-10-01 08:13 -------- d-------- C:\Program Files\Common Files\System
2006-09-30 11:43 -------- d-------- C:\Program Files\western civilisation
2006-09-28 08:49 -------- d-------- C:\Program Files\Common Files\SureThing Shared
2006-09-26 10:05 -------- d-------- C:\Program Files\SureThing
2006-09-24 21:54 -------- d-------- C:\Program Files\Teamspeak2_RC2
2006-09-24 21:54 -------- d-------- C:\Documents and Settings\Athena\Application Data\teamspeak2
2006-09-22 21:52 -------- d-------- C:\Program Files\Save
2006-09-14 15:33 33792 --a------ C:\WINDOWS\system32\lmmib2.dll
2006-09-14 14:37 -------- d-------- C:\Program Files\Windows Media Player
2006-09-14 14:37 -------- d-------- C:\Program Files\Messenger
2006-09-14 09:32 -------- d-------- C:\Program Files\Adobe
2006-09-12 22:35 -------- d-------- C:\Program Files\WinMX
2006-09-12 22:01 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
2006-09-10 22:06 -------- d-------- C:\Program Files\Silkroad
2006-09-06 20:27 31248 --a------ C:\WINDOWS\system32\drivers\tmpreflt.sys
2006-09-06 20:27 197648 --a------ C:\WINDOWS\system32\drivers\tmxpflt.sys
2006-09-06 20:09 1051456 --a------ C:\WINDOWS\system32\drivers\VsapiNT.sys
2006-09-06 19:21 -------- d-------- C:\Program Files\WIZET
2006-09-06 13:31 -------- d-------- C:\Program Files\Diablo II
2006-09-05 22:48 -------- d-------- C:\Program Files\Microsoft SQL Server
2006-09-05 15:53 -------- d--h----- C:\Program Files\Uninstall Information
2006-09-05 13:00 -------- d-------- C:\Program Files\Common Files\Ahead
2006-09-05 12:59 -------- d-------- C:\Documents and Settings\Athena\Application Data\Ahead
2006-09-05 12:57 -------- d-------- C:\Program Files\Nero
2006-09-04 21:26 -------- d-------- C:\Program Files\Winamp
2006-09-04 21:04 -------- d-------- C:\Program Files\Internet Explorer
2006-09-04 21:00 -------- d-------- C:\Program Files\Common Files\Symantec Shared
2006-09-04 20:51 -------- d-------- C:\Program Files\Symantec
2006-09-04 20:17 -------- d-------- C:\Program Files\Western Digital
2006-09-04 11:13 -------- d-------- C:\Program Files\SmartFTP Client 2.0 Setup Files
2006-09-04 11:13 -------- d-------- C:\Program Files\SmartFTP Client 2.0
2006-09-04 11:13 -------- d-------- C:\Documents and Settings\Athena\Application Data\SmartFTP
2006-09-04 10:58 -------- dr-h----- C:\Documents and Settings\Athena\Application Data\yahoo!
2006-09-03 16:19 -------- d-------- C:\Program Files\MSN Messenger
2006-09-02 12:04 -------- d-------- C:\Program Files\Guild Wars
2006-09-01 18:14 -------- d-------- C:\Program Files\Arovax Shield
2006-09-01 18:14 -------- d-------- C:\Program Files\Ares
2006-09-01 17:52 -------- d-------- C:\Program Files\Creative
2006-09-01 17:20 -------- d-------- C:\Program Files\Opera
2006-08-25 08:45 617472 --a------ C:\WINDOWS\system32\comctl32.dll
2006-08-21 05:21 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-08-21 02:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe
2006-08-21 02:14 128896 --a------ C:\WINDOWS\system32\drivers\fltmgr.sys
2006-08-16 04:58 100352 --a------ C:\WINDOWS\system32\6to4svc.dll
2006-07-29 19:32 48936 --a------ C:\WINDOWS\system32\sirenacm.dll
2006-07-28 09:30 62744 --a------ C:\WINDOWS\system32\xinput1_2.dll
2006-07-28 09:30 236824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
2006-07-27 06:24 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-07-21 01:24 72704 --a------ C:\WINDOWS\system32\hlink.dll
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"Yahoo! Pager"="\"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe\" -quiet"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_07\\bin\\jusched.exe"
"DVDTray"="\"C:\\Program Files\\HP DVD\\Umbrella\\DVDTray.exe\""
"DVDBitSet"="\"C:\\Program Files\\HP DVD\\Umbrella\\DVDBitSet.exe\" /NOUI"
"WINDVDPatch"="CTHELPER.EXE"
"UpdReg"="C:\\WINDOWS\\UpdReg.EXE"
"Jet Detection"="\"C:\\Program Files\\Creative\\SBLive\\PROGRAM\\ADGJDet.exe\""
"MSConfig"="C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\MSConfig.exe /auto"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"D7vydvBD"="cmd /c IF EXIST \"C:\\WINDOWS\\system32\\lkyaekrrr.exe\" del /s /q \"C:\\WINDOWS\\system32\\lkyaekrrr.exe\""
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000005
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e4,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e4,02,\
00,00,04,00,00,40
"RestoredStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e4,02,\
00,00,01,00,00,00
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"CDRAutoRun"=dword:00000000
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"CDRAutoRun"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Adobe Reader Speed Launch.lnk"
"backup"="C:\\WINDOWS\\pss\\Adobe Reader Speed Launch.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Adobe\\ACROBA~1.0\\Reader\\READER~1.EXE "
"item"="Adobe Reader Speed Launch"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Athena^Start Menu^Programs^Startup^PANTONE® colorist.lnk]
"path"="C:\\Documents and Settings\\Athena\\Start Menu\\Programs\\Startup\\PANTONE® colorist.lnk"
"backup"="C:\\WINDOWS\\pss\\PANTONE® colorist.lnkStartup"
"location"="Startup"
"command"="C:\\PROGRA~1\\Colorist\\PANTON~1\\PANTON~1\\PANTON~1.EXE "
"item"="PANTONE® colorist"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKLM"
"command"=""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\7a9G]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="kesfnyh"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\kesfnyh.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Amiqmfz]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Ytsduo"
"hkey"="HKLM"
"command"="c:\\Program Files\\Ygeat\\Ytsduo.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Ares"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Ares\\Ares.exe\" -h"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ep70DPdC]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="bylow"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\bylow.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Internet Optimizer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="optimize"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Internet Optimizer\\optimize.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IpWins]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ipwins"
"hkey"="HKLM"
"command"="C:\\Program Files\\ipwins\\ipwins.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IST Service]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="istsvc"
"hkey"="HKLM"
"command"="C:\\Program Files\\ISTsvc\\istsvc.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jhoos]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Jhoos"
"hkey"="HKCU"
"command"="\"C:\\PROGRA~1\\Jhoos\\Jhoos.exe\" -minimize"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="dumprep 0 -k"
"hkey"="HKLM"
"command"="%systemroot%\\system32\\dumprep 0 -k"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Media Gateway]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MEDIAG~1"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\MEDIAG~1\\MEDIAG~1.EXE"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mrspsz]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mrspsz"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\mrspsz.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msmsgs"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msnmsgr"
"hkey"="HKCU"
"command"="\"D:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyVBApp1]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKCU"
"command"=""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\n92t7abr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="n92t7abr"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\n92t7abr.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NAV Agent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="navapw32"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\NORTON~1\\NORTON~1\\navapw32.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\p2p networking]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="p2pnetworking"
"hkey"="HKLM"
"command"="p2pnetworking.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PVModule]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="pvmodule"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\PRINTV~1\\pvmodule.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pVRV3eP]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ujtnzbw"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\ujtnzbw.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\q1955tq5]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="q1955tq5"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\q1955tq5.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\salm]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="salm"
"hkey"="HKLM"
"command"="c:\\program files\\180searchassistant\\salm.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sfpJk]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ovauma1ep"
"hkey"="HKLM"
"command"="\"C:\\WINDOWS\\system32\\ovauma1ep.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SM1BG]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SM1BG"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\SM1BG.EXE"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TeaTimer"
"hkey"="HKCU"
"command"="C:\\Program Files\\Spybot - Search & Destroy\\TeaTimer.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="jusched"
"hkey"="HKLM"
"command"="C:\\Program Files\\Java\\jre1.5.0_04\\bin\\jusched.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SurfAccuracy]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SAcc"
"hkey"="HKLM"
"command"="C:\\Program Files\\SurfAccuracy\\SAcc.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SNDMon"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe /Consumer"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tbon]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="tbon"
"hkey"="HKCU"
"command"="C:\\Program Files\\TBONBin\\tbon.exe /r"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="sgtray"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Sonic\\Update Manager\\sgtray.exe\" /r"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViewMgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ViewMgr"
"hkey"="HKLM"
"command"="C:\\Program Files\\Viewpoint\\Viewpoint Manager\\ViewMgr.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="YahooMessenger"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe\" -quiet"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Symantec NetDetect.job
Completion time: 06-10-19 18:11:59.65
C:\ComboFix.txt ... 06-10-19 18:11
HijackThis log is as follows....
Logfile of HijackThis v1.99.1
Scan saved at 6:15:25 PM, on 10/19/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
C:\Program Files\HP DVD\Umbrella\DVDTray.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PCCTLCOM.EXE
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TMPROXY.EXE
C:\WINDOWS\system32\UStorSrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TMPFW.EXE
C:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe
C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Athena\Desktop\virus removal\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/...rch/search.html (http://\"http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr6/*http://www.yahoo.com/ext/search/search.html\")
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com (http://\"http://red.clientapps.yahoo.com/customize/ie/defaults/sp/ymsgr6/*http://www.yahoo.com\")
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gaiaonline.com/forum/viewtopic....&t=17035871 (http://\"http://www.gaiaonline.com/forum/viewtopic.php?page=9288&t=17035871\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com (http://\"http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr6/*http://www.yahoo.com\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/...rch/search.html (http://\"http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr6/*http://www.yahoo.com/ext/search/search.html\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com (http://\"http://red.clientapps.yahoo.com/customize/ie/defaults/sp/ymsgr6/*http://www.yahoo.com\")
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.eyeseek.com/firstsite.asp?b= (http://\"http://www.eyeseek.com/firstsite.asp?b=\")
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.eyeseek.com/firstsite.asp?b= (http://\"http://www.eyeseek.com/firstsite.asp?b=\")
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com (http://\"http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr6/*http://www.yahoo.com\")
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Trend Micro Antifraud Toolbar - {06647158-359E-4D10-A8DE-E6145DA90BE9} - C:\PROGRA~1\TRENDM~1\INTERN~1\PccIeBar.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\PROGRA~1\RXTOOL~1\sfcont.dll (file missing)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O2 - BHO: Glwcick Class - {BDF4E4DF-B6BB-4ECE-8CD9-1880DEC7B82F} - C:\WINDOWS\system32\lqe2z.dll (file missing)
O3 - Toolbar: Trend Micro Antifraud Toolbar - {871F91FD-3A92-4988-A842-16AB2CFF5AF1} - C:\PROGRA~1\TRENDM~1\INTERN~1\PccIeBar.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [DVDTray] "C:\Program Files\HP DVD\Umbrella\DVDTray.exe"
O4 - HKLM\..\Run: [DVDBitSet] "C:\Program Files\HP DVD\Umbrella\DVDBitSet.exe" /NOUI
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\RunOnce: [D7vydvBD] cmd /c IF EXIST "C:\WINDOWS\system32\lkyaekrrr.exe" del /s /q "C:\WINDOWS\system32\lkyaekrrr.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Athena\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/MediaAcc...bridge-c420.cab (http://\"http://static.windupdates.com/cab/MediaAccess/ie/bridge-c420.cab\")
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://nprotect1.gravity.co.kr/nprotect/npx.cab (http://\"http://nprotect1.gravity.co.kr/nprotect/npx.cab\")
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - http://nprotect1.gravity.co.kr/nprotect/nPKeyCrypt/npkcx.cab (http://\"http://nprotect1.gravity.co.kr/nprotect/nPKeyCrypt/npkcx.cab\")
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter: text/html - {8660A526-27A4-4FBD-85B2-857E82A25971} - C:\WINDOWS\system32\lqe2z.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe
Post by: guestolo on October 19, 2006, 08:20:46 PM
You have entries being controlled on startup that don't let me see everything
supply an uninstall list from Hijackthis
Open Hijackthis>>Open MISC TOOLS SECTION>>Open UNINSTALL MANAGER
Click the SAVE LIST... button
Save the list to your desktop then copy>>Paste back here the Whole contents in a new reply please
Post by: Lilith on October 19, 2006, 08:22:23 PM
Adobe Illustrator 10
Adobe Photoshop 7.0
Adobe Reader 7.0.8
Adobe Shockwave Player
Adobe SVG Viewer 3.0
AOL Instant Messenger
ArcSoft ShowBiz DVD 2
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
BitTorrent 4.24.0
Blazix
Cypress USB Mass Storage Driver Installation
Data Lifeguard Tools
Diablo II
DivX
DivX Player
Download Accelerator Plus (DAP)
DSPlayer v0.59.5 alpha
Dungeon Siege Legends of Aranna
Easy GIF Animator 3.4
eMusic - 50 Free MP3 offer
Ezonics Greeting Cam Deluxe
EZPhoto Browser
EZPhoto Tools
EZShowtime MMS
EZSuite For Video Chat Kit
EZVideo Chat 2.0
EZVideo Mail
ffdshow (remove only)
Fraps
FreeDVD Codec Installer Version 1.0
Gaia Interface for Yahoo! IM Client
GameSpy Arcade
Google Video Player
Guild Wars
HijackThis 1.99.1
HP DVD Writer
InterActual Player
J2SE Runtime Environment 5.0 Update 4
J2SE Runtime Environment 5.0 Update 6
J2SE Runtime Environment 5.0 Update 7
LightScribe Applications
Macromedia Dreamweaver MX
Macromedia Extension Manager
Macromedia Fireworks MX
Macromedia Flash MX
Macromedia FreeHand 10
MapleStory
MaXimus DVD Version 1.2
MediaTickets by OIN
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft Office XP Professional with FrontPage
Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348)
Mozilla Firefox (1.5.0.7)
MSN Music Assistant
Music Visualizer Library 1.4.00
muvee autoProducer 3.5_LE10 - HPC
MythWar
Nero 7 Demo
Net MD Simple Burner
Netscape Browser (remove only)
Neverwinter Nights Platinum Edition
nProtect KeyCrypt
NVIDIA Drivers
OpenMG Limited Patch 3.1-02-10-22-01
OpenMG Limited Patch 3.1-02-10-22-02
OpenMG Limited Patch 3.1-02-12-04-01
OpenMG Secure Module 3.1
Opera
PANTONE® colorist
PC CameraQ
Poser 5
PowerDVD
QuickTime
Ragnarok Online
Ragnarok Sakray
Rappelz
Roxio Easy Media Creator 7
SecondLife (remove only)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917537)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB925486)
Silkroad
SmartFTP Client
SmartFTP Client 2.0
SmartFTP Client 2.0 Setup Files (remove only)
Sonic RecordNow!
Sonic Update Manager
SonicStage 1.5.06
Sound Blaster Live! Web 2K/XP
Star Wars Galaxies
Style Master 4.5.1
Subliminal Vision Pro
SureThing CD Labeler 4 SE
TeamSpeak 2 RC2
Trend Micro PC-cillin Internet Security 2006
Trillian
Ulead GIF Animator
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
USB Driver
USB Storage Adapter FX (SM1)
Ventrilo Client
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Winamp (remove only)
Windows Installer 3.1 (KB893803)
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893086
WinMX
WinRAR archiver
WinZip
Xfire (remove only)
Yahoo! Browser Services
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger
Post by: Lilith on October 19, 2006, 08:37:15 PM
Post by: guestolo on October 19, 2006, 08:54:00 PM
I have to start all over, give me 10 minutes and I'll respond back
Post by: Lilith on October 19, 2006, 08:55:51 PM
/smile.gif\' class=\'bbc_emoticon\' alt=\':)\' />
Post by: guestolo on October 19, 2006, 09:21:52 PM
It's important you follow everything I post, you're doing great so far
We should get you to download the latest version of Java for security reasons
==Download the latest version of Java Runtime Environment (JRE) 5.0 Update 9 (http://\"http://java.sun.com/javase/downloads/index.jsp\")
- Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
- Click the "Download" button to the right.
- Check the box that says: "Accept License Agreement[/i]".
- The page will refresh.
- Click on the link to download Windows Offline Installation Multi-language
Don't install it yet
==[color=\"red\"]RIGHT-CLICK HERE[/color] (http://\"http://metallica.geekstogo.com/MediaGateway.BFU\")[/b] and choose "Save As" (in IE it's "Save Target As") in order to download [color=\"red\"]MediaGateway Remover[/color].
Save it in the same folder you made earlier (c:\BFU).
We will need it later
Download>>Install [color=\"#000099\"]AVG Anti-Spyware 7.5[/color] (http://\"http://www.ewido.net/en/download/\") from Ewido networks
- Load AVG-antispyware and then click the Update tab at the top. Under Manual Update click Start update.
- After the update finishes (the status bar at the bottom will display "Update successful")
- Close AVG antispyware as we will need it later
I will need you to reboot into safe mode soon, without networking to complete most of the repairs
Close down all browser windows, including this one
I also need you to reenable all entries on startup that you have disable with msconfig or startup manager
Can you do the following
Go to START>>RUN>>type in
msconfig
Hit OK
Under the STARTUP tab >>> enable all>>apply it
Under the Services tab>>enable all >> apply it if anything reenabled
Under the General tab, select NORMAL startup
APPLY it then click CLOSE
DO NOT restart the computer at the prompt, but please leave everything enabled till we are done here please
Open the Windows Control panel and double click on the Java Icon
Ensure you are in Classic View, select the Java Icon
Under the General tab, select "Delete files"
Leave all 3 selections selected and click OK>>Close Java
Access your Add/remove programs via Control Panel
Search in the list for all previous installed versions of Java. (J2SE Runtime Environment.... )
eg..J2SE Runtime Environment 5.0 Update 4
J2SE Runtime Environment 5.0 Update 6
J2SE Runtime Environment 5.0 Update 7
They should have the following icon next to it: (http://users.telenet.be/bluepatchy/miekiemoes/images/javaicon.gif)
Select it and click Remove all 3 of them
Remain in Add/remove programs
Remove MediaTickets by OIN
I would also suggest that you remove
both Viewpoint Manager (Remove Only)
Viewpoint Media Player
Not considered malware, but foistware, and they can both be unknowing installed
Do a "System scan only" with Hijackthis and put a check next to these entries:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/...rch/search.html (http://\"http://red.clientapps.yahoo.com/customize/...rch/search.html\")
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com (http://\"http://red.clientapps.yahoo.com/customize/...//www.yahoo.com\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com (http://\"http://red.clientapps.yahoo.com/customize/...//www.yahoo.com\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/...rch/search.html (http://\"http://red.clientapps.yahoo.com/customize/...rch/search.html\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com (http://\"http://red.clientapps.yahoo.com/customize/...//www.yahoo.com\")
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.eyeseek.com/firstsite.asp?b= (http://\"http://www.eyeseek.com/firstsite.asp?b=\")
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.eyeseek.com/firstsite.asp?b= (http://\"http://www.eyeseek.com/firstsite.asp?b=\")
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com (http://\"http://red.clientapps.yahoo.com/customize/...//www.yahoo.com\")
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\PROGRA~1\RXTOOL~1\sfcont.dll (file missing)
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O2 - BHO: Glwcick Class - {BDF4E4DF-B6BB-4ECE-8CD9-1880DEC7B82F} - C:\WINDOWS\system32\lqe2z.dll (file missing)
O4 - HKLM\..\RunOnce: [D7vydvBD] cmd /c IF EXIST "C:\WINDOWS\system32\lkyaekrrr.exe" del /s /q "C:\WINDOWS\system32\lkyaekrrr.exe"
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/MediaAcc...bridge-c420.cab (http://\"http://static.windupdates.com/cab/MediaAcc...bridge-c420.cab\")
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://nprotect1.gravity.co.kr/nprotect/npx.cab (http://\"http://nprotect1.gravity.co.kr/nprotect/npx.cab\")
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - http://nprotect1.gravity.co.kr/nprotect/nPKeyCrypt/npkcx.cab (http://\"http://nprotect1.gravity.co.kr/nprotect/nPKeyCrypt/npkcx.cab\")
O18 - Filter: text/html - {8660A526-27A4-4FBD-85B2-857E82A25971} - C:\WINDOWS\system32\lqe2z.dll
After you have ticked the above entries, close All other open windows
Including this one
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis
Reboot your computer into Safe Mode. To boot into Safe Mode, please restart your computer. Tap F8 before Windows loads. Select Safe Mode on the top of the screen that appears.
Sign in with your normal user account
In safe mode
==Go to Start > My Computer and navigate to the C:\BFU folder.
- Start the Brute Force Uninstaller by doubleclicking BFU.exe
- Behind the scriptline to execute field click the folder icon (http://metallica.geekstogo.com/foldericon.png) and select MediaGateway.BFU
- Press Execute and let it do it’s job. (You ought to see a progress bar if you did this correctly.)
- Wait for the complete script execution box to pop up and press OK.
- Press exit to terminate the BFU program.
* Clean your Cache and Cookies in IE:
- Go to Control Panel > Internet Options > General tab
- Click the "Delete Cookies" button
- Next to it, Click the "Delete Files" button
- When prompted, place a check in: "Delete all offline content", click OK
- Go to Tools > Options.
- Click Privacy in the menu on the left side of the Options window.
- Click the Clear button located to the right of each option (History, Cookies, Cache).
- Click OK to close the Options window
Alternatively, you can clear all information stored while browsing by clicking Clear All.
A confirmation dialog box will be shown before clearing the information.
[/list]* Clean other Temporary files + Recycle bin
- Go to start > run and type:
- Let it scan your system for files to remove.
- Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.
- Press OK to remove them.
- Load AVG and select the "Scanner" tab
- Click the "Settings" tab and then change the recommended action to Quarantine and ensure that Automatically generate report after every scan is selected
- Click back to the "Scan" tab and then click on Complete System Scan.
- Let this scan complete
- AVG will list any infections found on the left hand side. When the scan has finished, it will automatically set the recommended action. Click the Apply all actions button. Ewido will display "All actions have been applied" on the right hand side.
- Click on "Save Report", then "Save Report As". This will create a text file. Make sure you know where to find this file again (like on the Desktop).
At this time you can install Sun Java from the installer you saved to desktop earlier
Follow the prompts
After installation you can delete the installer from desktop
Post back all the following please
1. Post a fresh hijackthis log
2. Post the whole report from AVG Antispyware
3. Can I have you run Combofix.exe again and post the log that opens please
It may take more than one reply to post all the logs
NOTE: IF, and ONLY IF you have problems loss of Internet connection after doing the above
With all other windows closed
Go to start > run and type cmd
A dos Window will appear.
Type the next in the dos window:
netsh winsock reset catalog
hit enter.
Reboot your computer
Post by: Lilith on October 19, 2006, 09:35:14 PM
Post by: Lilith on October 19, 2006, 10:32:27 PM
Post by: guestolo on October 19, 2006, 10:36:33 PM
I think AVG antispyware takes me about 40-50 minutes to run, something like that
Post back all the logs when your ready
Post by: Lilith on October 19, 2006, 10:45:01 PM
Post by: Lilith on October 19, 2006, 11:25:03 PM
Post by: Lilith on October 19, 2006, 11:30:44 PM
Post by: guestolo on October 19, 2006, 11:32:45 PM
Quote
It's ALMOST to 50%... oi vey. Yeah I need to remove more files a.s.a.p.
/laugh.gif\' class=\'bbc_emoticon\' alt=\':lol:\' /> That's OK, let it finish, make sure you quarantine all items found and save a report
As I posted in the instructions earlier
I'll be around another Hour or so
If we can't get it all tonight, we'll get it all later, but we can't wait too long
We don't want to allow reinfections
Post by: Lilith on October 19, 2006, 11:36:54 PM
Post by: guestolo on October 19, 2006, 11:42:35 PM
They tried all week to remove it.....
We went over on the weekend for some cool beverages, along with my laptop
I happened to have a tool that removed the nasty in about 5 minutes
Hee, hee
But then we ran updated scans with his virus scanner, etc...
That's what takes the time
Some nasties go away easy and some not so easy, but in the end, they usually all go away
Post by: Lilith on October 19, 2006, 11:49:49 PM
/biggrin.gif\' class=\'bbc_emoticon\' alt=\':D\' /> I am gonna go finish the stuff you said to do. /biggrin.gif\' class=\'bbc_emoticon\' alt=\':D\' /> /biggrin.gif\' class=\'bbc_emoticon\' alt=\':D\' />
Post by: Lilith on October 20, 2006, 12:18:44 AM
Logfile of HijackThis v1.99.1
Scan saved at 10:16:15 PM, on 10/19/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HP DVD\Umbrella\DVDTray.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\WINDOWS\SM1BG.EXE
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Colorist\Pantone, Inc\PANTONE® colorist\PANTONE® colorist.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PCCTLCOM.EXE
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TMPROXY.EXE
C:\WINDOWS\system32\UStorSrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TMPFW.EXE
C:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Athena\Desktop\virus removal\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gaiaonline.com/forum/viewtopic....&t=17035871 (http://\"http://www.gaiaonline.com/forum/viewtopic.php?page=9288&t=17035871\")
O2 - BHO: Trend Micro Antifraud Toolbar - {06647158-359E-4D10-A8DE-E6145DA90BE9} - C:\PROGRA~1\TRENDM~1\INTERN~1\PccIeBar.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O3 - Toolbar: Trend Micro Antifraud Toolbar - {871F91FD-3A92-4988-A842-16AB2CFF5AF1} - C:\PROGRA~1\TRENDM~1\INTERN~1\PccIeBar.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [DVDTray] "C:\Program Files\HP DVD\Umbrella\DVDTray.exe"
O4 - HKLM\..\Run: [DVDBitSet] "C:\Program Files\HP DVD\Umbrella\DVDBitSet.exe" /NOUI
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SurfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe
O4 - HKLM\..\Run: [SM1BG] C:\WINDOWS\SM1BG.EXE
O4 - HKLM\..\Run: [sfpJk] "C:\WINDOWS\system32\ovauma1ep.exe"
O4 - HKLM\..\Run: [salm] c:\program files\180searchassistant\salm.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [q1955tq5] C:\WINDOWS\system32\q1955tq5.exe
O4 - HKLM\..\Run: [pVRV3eP] C:\WINDOWS\system32\ujtnzbw.exe
O4 - HKLM\..\Run: [p2p networking] p2pnetworking.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [n92t7abr] C:\WINDOWS\system32\n92t7abr.exe
O4 - HKLM\..\Run: [mrspsz] C:\WINDOWS\mrspsz.exe
O4 - HKLM\..\Run: [Media Gateway] C:\PROGRA~1\MEDIAG~1\MEDIAG~1.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [Ep70DPdC] C:\WINDOWS\bylow.exe
O4 - HKLM\..\Run: [Amiqmfz] c:\Program Files\Ygeat\Ytsduo.exe
O4 - HKLM\..\Run: [7a9G] C:\WINDOWS\kesfnyh.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [tbon] C:\Program Files\TBONBin\tbon.exe /r
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Jhoos] "C:\PROGRA~1\Jhoos\Jhoos.exe" -minimize
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: PANTONE® colorist.lnk = C:\Program Files\Colorist\Pantone, Inc\PANTONE® colorist\PANTONE® colorist.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Athena\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe
Post by: guestolo on October 20, 2006, 12:21:25 AM
Post by: Lilith on October 20, 2006, 12:22:15 AM
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 10:03:48 PM 10/19/2006
+ Scan result:
HKLM\SOFTWARE\Altnet -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Altnet\TopSearch -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ADM.ADM -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ADM.ADM.1 -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ADM.ADM\CLSID -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ADM.ADM\CurVer -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\AppID\adm.EXE -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\SigningModule.SigningModule -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\SigningModule.SigningModule.1 -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\SigningModule.SigningModule\CLSID -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\SigningModule.SigningModule\CurVer -> Adware.Altnet : Cleaned with backup (quarantined).
HKU\S-1-5-21-1085031214-2147019873-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5929CD6E-2062-44A4-B2C5-2C7E78FBAB38} -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-1085031214-2147019873-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{59879FA4-4790-461C-A1CC-4EC4DE4CA483} -> Adware.RXToolbar : Cleaned with backup (quarantined).
C:\Program Files\Save -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Program Files\SideFind -> Adware.SideFind : Cleaned with backup (quarantined).
C:\Program Files\SideFind\sfbho.dll_tobedeleted -> Adware.SideFind : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\MediaGatewayX.dll -> Adware.WinAD : Cleaned with backup (quarantined).
HKU\S-1-5-21-1085031214-2147019873-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21B4ACC4-8874-4AEC-AEAC-F567A249B4D4} -> Adware.ZangoSearch : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\µTorrent 1.6.1 Build 483 Beta.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\1st Email Address Spider 2006 5.70.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\1st Fax Extractor 5.69.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\30 PC Rip Games.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\3D MP3 Sound Recorder G2 v4.03.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\8 Mile.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\8MM 2.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\8MM.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\A Scanner Darkly 2006 DVDSCR XviD-.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\ACA Capture Pro 5.20.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\ADG Aspect Tools 5.0.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\ADSL Reconnect 2006.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\AIO Crack Searching & Shareware Hacking.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\ALFA Antiterror.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\AVG Anti-Spyware 7.5.0.47.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\AVG Anti-Virus Professional Edition 7.5.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\AceMoney 3.9.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Adam cardiovascular System.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Adobe Photoshop Plugin Plugins Collection.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\AdsCleaner 4.3.19.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Adult PDF Password Recovery v.2.4.0.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Adware Spyware Be Gone 2.51.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Aeon Flux DVDRip.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Age of Empires III Expansion Warchief.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Age of Empires III Expansion Warchief.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Air Force One DVDRip.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\AllAnonymity IP Hider 2.7.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\AllWebMenus V4.2 Build 630 Pro.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Americas Deadliest Street Gang STVRip Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\AntiSpyware.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Antz 1998.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Arcade Pool II.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Armed And Dangerous.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Ashampoo Burning Studio 6.30.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Ashampoo UnInstaller Platinum 2.0.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Audio Edit Magic 9.1.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Audio Editor Gold 8.3.0.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Audio Editor Gold 9.1.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Audio Toolz AIO.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\AudioTester ver. 2.2a.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\AutoPatcher for Windows XP SP 2.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\AutoRun Assistant Pro 3.19.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Autodesk - Autocad - Electrical 2007.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Autorun III Professional v3.1.9.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Avast Professional v4.7.892.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Axialis Professional Screen Saver Producer 3.6.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Bandwidth Controller Enterprise 1.07.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Batch Image Resizer 2.81.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Battlefield 2142 merged Add Links Here!.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Battlefield 2142-Razor1911 iSO.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Betty Davis - Betty Davis.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\BitComet V0.74.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\BookCAT v8.11.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Business Plan Pro 2007 Premier Edition.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\CDMenuPro 5.30.02 Business.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\CDWinder v2.5.0.241.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Call of duty 2 iSO.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Cheetah CD Burner 3.51.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Cheetah DVD Burner 1.74.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Children of Men DVDRip.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Chipscope Pro v8.2i.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Christina Aguilera - Christina Aguilera.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Christine 1983 DVDRip Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Click DVDRip XViD-FEAR.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Click DVDRip.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Clinical Physiology An Examination Primer.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\CocoRosie - Noahs Ark.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\CodeLobster v3.0.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Company of Heroes.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\CorelDraw Graphics Suite X3.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Creedence Clearwater Revival - Cosmo's Factory.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Cucusoft iPod Movie-Video Converter v2.0.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Current Diagnosis & Treatment in Orthopedics.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\DOOM 3 iSO.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\DVDFab Decrypter 3.0.2.5.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\DVDLab Pro.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Darkstone iSO.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Death of a President DVDRip Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Delaware St.John Volume 2 The Town with No Name iSO.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Desperate Housewives The.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Diskeeper 2007 ver. 11.0 Build 686.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Dreamingsoft 123 Flash Menu v2.1.0.1042.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\ESF Database Convert Enterprise v5.3.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Easy DVD Extractor v3.1.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\EasyBoot v5.1.0.565.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Employee Of The Month CAM.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Erroll Garner - Magician Gershwin and Kern.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Eudora 7.1.0.9.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Evanescence - Singles & Remixs.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Evanescence - Ultra Rare Trax Vol. 1.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Evermotion Mental4Ever Cd1.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Everyones Hero.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\ExamXML v4.18.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\FIFA 2007.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\FTPRush 1.0.0.608 Unicode.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Fear Factory - Transgression.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Feast 2005 - UNRATED.PROPER.DVDRip.XviD.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Fifa 07 merged Add Links Here.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\File Sharing Programs AIO 2006.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\FileRecoveryAngel v1.14.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Firewall (2006).rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\First Battalion-Unleashed iSO.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Flash Desktop Spirit 1.1.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Flash Desktop Spirit v1.1.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Flash.Desktop.Spirit.v1.1.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Folder Lock.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Football Manager 2007 PC Mac 2006.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Football Manager 2007-Razor1911.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Football Manager 2007.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Foxy v1.2.0.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Freedom To Music (Volume 1).rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Friday After Next DVDRip.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Friday DVDRip.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Friday Night Lights.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\From Autumn to Ashes - Too Bad Youre Beautiful.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Garbage - Bleed Like Me.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Garfield 2 - Tale Of Two Kitties.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Garfield A Tail of Two Kitties DVDRip.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Genie Backup Manager Pro 7.0.172.342.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Glass House 2 The Good Mother 2006 DVDRip.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Godsmack - 2 Albums.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Google Talk 1.0.0.99.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Gothic 3 (english version).rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Gothic 3 HOT! (Mix Links).rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Gothic 3 iSO English.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Gothic 3 merged Add Links Here.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Gothic 3.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Gothika DVDRip.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Grandmas Boy DVDRip.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Grandmas Boy.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\GridinSoft Notepad Pro v3.2.2.5 Multilanguage.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Grudge 2 CAM Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\H264WebCam 1.74.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Hacking GPS.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Happy Rapidshare Downloading m8s.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Happy Tree Friends Vol. 3 Third Strike.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Hard Truck Apocalypse-RELOADED iSO.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Hawthorne Heights - The Silence in Black.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\HiDownload Pro 6.94.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Hitman Blood Money.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Hollywoodland CAM.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Hoobastank - Everyman for Himself.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Hotel Rwanda 2004 - DVDRiP.XViD-DEiTY.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Icon Edit Pro 7.04 -.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Icon Workshop 6.01 Corporation Edition -.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Icon-Catcher 1.8.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\In a Dark Place DVDRip.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Info Angel 4.0.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Inside Man DVDRip Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Integrity Advanced Server v6.0.467.0.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Internet Download Accelerator 5.1.1.1040 Beta.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Internet Explorer 7 7.0.5730.11.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Internet Explorer 7.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\It Waits DVDRip Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Jackass Number Two 2006 - TS.Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Jet Brains IntelliJ IDEA v6.0.1.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\John Frusciante - Curtains.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\John Stevens - Red.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Jose Gonzales - Veneer.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Just Cause.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Kathy Cashel - The Question Is Yes.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Keyfinder Thing Lite 1.17.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Khan - Building A Better Tomorrow.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Kicking And Screaming DVDRip.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\King of Fighters 2006 PS2 iSO.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Kingdia DVD Ripper 3.0.2.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\KnowledgeNet Cisco Voice Over IP CVOICE.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Kodak Eastman - Digital Gem Airbrush Pro 2.0.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Kokoda 2oo6 DVDRip XviD.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\LOTR.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Lake Placid DVDRip Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Layer Cake.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Little Man TS Xvid HQ.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Looking For Kitty LiMiTED DVDRip XViD-ALLiANCE.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Lord Of The Rings Battle for Middle Earth 2 merged.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Lost Season 3 COMPLETE.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Lost Season 3 Episode 3 (HDTV-LOL).rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Lost Season 3 Episode 3 HDTV.XviD-LOL.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Lost Season 3 Episode 3.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Lost Season 3.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Lotto007 XP 2006 8.9.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Lumonix Skin FX 1.19.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\M'zoft FLIGHT SIMULATOR X DELUXE merged.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Man on fire Soundtrack.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\McAfee Internet Security Suite 2007 Full 8 In 1.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\MechCad AceMoney 3.9.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\MediaCoder 0.5.1-pre9a Beta.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Memoirs of a Geisha DVDRip Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Microsoft Flight Simulator X.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Microsoft Office 2007 Professional.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Shared\_\Mission Impossible III.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
Post by: guestolo on October 20, 2006, 12:24:02 AM
C:\Documents and Settings\Athena\Shared\_\µTorrent 1.6.1 Build 483 Beta.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
Can you exclude any more reference to files from that location
C:\Documents and Settings\Athena\Shared\_
But copy>>paste back here anything not from that location in the report from AVG
I would still like to see the bottom of the AVG report, not including those entries
Plus a new combofix log
Post by: Lilith on October 20, 2006, 12:26:42 AM
C:\Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
D:\Fraps 2.7.4 Build 5867.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned with backup (quarantined).
C:\Documents and Settings\Athena\Incomplete\T-492224-_serial_ the tailor 1.61 03.zip/install.exe -> Hijacker.Agent.hi : Cleaned with backup (quarantined).
D:\[release] the tailor 1.61 47.zip/install.exe -> Hijacker.Agent.hi : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\UWFX5_0001_N53L1025NetInstaller.exe -> Not-A-Virus.Downloader.Win32.Agent.f : Cleaned with backup (quarantined).
:mozilla.100:C:\RECYCLER\NPROTECT1020801.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT1020831.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT1020832.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT1020833.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT1020834.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT1020835.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT1020836.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT1020837.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT1020842.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT1020850.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT1020851.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT1020852.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT1020853.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT1020854.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT1020855.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT1020856.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT1020857.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT1020858.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT1020859.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT1020860.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT1020861.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT1020862.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT1020863.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT1020864.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT1020865.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT1020866.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT1020867.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT1020868.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT1020801.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT1020831.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT1020832.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT1020833.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT1020834.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT1020835.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT1020836.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT1020837.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT1020842.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT1020850.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT1020851.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT1020852.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT1020853.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT1020854.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT1020855.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT1020856.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT1020857.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT1020858.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT1020859.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT1020860.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT1020861.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT1020862.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT1020863.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT1020864.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT1020865.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT1020866.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT1020867.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT1020868.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT1020801.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT1020831.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT1020832.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT1020833.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT1020834.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT1020835.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT1020836.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT1020837.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT1020842.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT1020850.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT1020851.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT1020852.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT1020853.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT1020854.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT1020855.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT1020856.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT1020857.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT1020858.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT1020859.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT1020860.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT1020861.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT1020862.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT1020863.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT1020864.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT1020865.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT1020866.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT1020867.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT1020868.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT1020801.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT1020831.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT1020832.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT1020833.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT1020834.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT1020835.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT1020836.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT1020837.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT1020842.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT1020850.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT1020851.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT1020852.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT1020853.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT1020854.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT1020855.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT1020856.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT1020857.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT1020858.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT1020859.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT1020860.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT1020861.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT1020862.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT1020863.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT1020864.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT1020865.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT1020866.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT1020867.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT1020868.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT1020942.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT1020943.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.104:C:\RECYCLER\NPROTECT1020801.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.104:C:\RECYCLER\NPROTECT1020831.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.104:C:\RECYCLER\NPROTECT1020832.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.104:C:\RECYCLER\NPROTECT1020833.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.104:C:\RECYCLER\NPROTECT1020834.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.104:C:\RECYCLER\NPROTECT1020835.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.104:C:\RECYCLER\NPROTECT1020836.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.104:C:\RECYCLER\NPROTECT1020837.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.104:C:\RECYCLER\NPROTECT1020842.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.104:C:\RECYCLER\NPROTECT1020942.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.104:C:\RECYCLER\NPROTECT1020943.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\RECYCLER\NPROTECT1020801.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\RECYCLER\NPROTECT1020831.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\RECYCLER\NPROTECT1020832.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\RECYCLER\NPROTECT1020833.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\RECYCLER\NPROTECT1020834.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\RECYCLER\NPROTECT1020835.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\RECYCLER\NPROTECT1020836.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\RECYCLER\NPROTECT1020837.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\RECYCLER\NPROTECT1020842.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\RECYCLER\NPROTECT1020850.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\RECYCLER\NPROTECT1020851.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\RECYCLER\NPROTECT1020852.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\RECYCLER\NPROTECT1020853.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\RECYCLER\NPROTECT1020854.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\RECYCLER\NPROTECT1020855.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\RECYCLER\NPROTECT1020856.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\RECYCLER\NPROTECT1020857.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\RECYCLER\NPROTECT1020858.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\RECYCLER\NPROTECT1020859.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\RECYCLER\NPROTECT1020860.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\RECYCLER\NPROTECT1020861.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\RECYCLER\NPROTECT1020862.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\RECYCLER\NPROTECT1020863.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\RECYCLER\NPROTECT1020864.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\RECYCLER\NPROTECT1020865.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\RECYCLER\NPROTECT1020866.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\RECYCLER\NPROTECT1020867.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\RECYCLER\NPROTECT1020868.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\RECYCLER\NPROTECT1020942.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\RECYCLER\NPROTECT1020943.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020801.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020831.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020832.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020833.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020834.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020835.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020836.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020837.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020842.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020850.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020851.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020852.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020853.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020854.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020855.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020856.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020857.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020858.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020859.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020860.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020861.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020862.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020863.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020864.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020865.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020866.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020867.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020868.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020942.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020943.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020947.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020952.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020953.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020954.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT1020956.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020801.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020831.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020832.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020833.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020834.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020835.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020836.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020837.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020842.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020850.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020851.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020852.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020853.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020854.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020855.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020856.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020857.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020858.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020859.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020860.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020861.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020862.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020863.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020864.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020865.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020866.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020867.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020868.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020873.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020942.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020943.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020947.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020952.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020953.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020954.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT1020956.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020801.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020831.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020832.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020833.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020834.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020835.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020836.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020837.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020842.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020850.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020851.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020852.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020853.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020854.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020855.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020856.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020857.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020858.MOZ -> TrackingCookie.2o7 : Cleaned.
Post by: Lilith on October 20, 2006, 12:28:18 AM
:mozilla.108:C:\RECYCLER\NPROTECT1020860.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020861.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020862.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020863.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020864.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020865.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020866.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020867.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020868.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020873.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020876.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020877.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020878.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020879.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020880.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020881.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020882.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020883.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020884.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020885.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020886.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020942.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020943.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020947.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020952.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020953.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020954.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020956.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020850.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020851.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020852.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020853.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020854.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020855.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020856.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020857.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020858.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020859.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020860.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020861.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020862.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020863.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020864.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020865.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020866.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020867.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020868.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020873.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020876.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020877.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020878.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020879.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020880.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020881.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020882.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020883.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020884.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020885.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020886.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020942.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020943.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020947.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020952.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020953.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020954.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020956.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020334.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020335.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020336.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020337.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020338.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020339.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020340.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020341.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020342.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020343.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020344.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020345.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020363.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020364.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020365.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020367.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020378.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020380.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020381.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020382.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020383.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020384.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020386.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020387.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020388.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020389.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020390.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020391.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020392.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020414.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020419.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020542.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020887.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020888.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020889.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020891.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020892.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020893.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020936.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020989.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020994.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1021021.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1021024.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1021025.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1021026.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1021027.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020850.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020851.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020852.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020853.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020854.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020855.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020856.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020857.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020858.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020859.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020860.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020861.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020862.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020863.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020864.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020865.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020866.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020867.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020868.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020873.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020876.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020877.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020878.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020879.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020880.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020881.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020882.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020883.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020884.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020885.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020886.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020942.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020943.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020947.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020952.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020953.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020954.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020956.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020872.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020873.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020876.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020877.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020878.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020879.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020880.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020881.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020882.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020883.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020884.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020885.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020886.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020942.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020943.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020947.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020952.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020953.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020954.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020956.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020872.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020873.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020876.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020877.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020878.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020879.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020880.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020881.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020882.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020883.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020884.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020885.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020886.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020942.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020943.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020947.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020952.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020953.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020954.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020956.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020869.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020872.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020873.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020876.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020877.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020878.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020879.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020880.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020881.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020882.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020883.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020884.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020885.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020886.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020942.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020943.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020947.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020952.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020953.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020954.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020956.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020962.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020869.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020872.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020873.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020876.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020877.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020878.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020879.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020880.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020881.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020882.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020883.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020884.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020885.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020886.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020942.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020943.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020962.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020869.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020872.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020873.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020876.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020877.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020878.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020879.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020880.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020881.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020882.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020883.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020884.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020885.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020886.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020942.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020943.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020947.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020952.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020953.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020954.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020956.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020962.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020869.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020872.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020873.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020876.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020877.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020878.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020879.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020880.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020881.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020882.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020883.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020884.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020885.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020886.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020942.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020943.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020947.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020952.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020953.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020954.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020956.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020962.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020869.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020872.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020873.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020876.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020877.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020878.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020879.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020880.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020881.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020882.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020883.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020884.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020885.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020886.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020942.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020943.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020947.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020952.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020953.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020954.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020956.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020962.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020869.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020872.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020876.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020877.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020878.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020879.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020880.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020881.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020882.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020883.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020884.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020885.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020886.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020942.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020943.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020947.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020952.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020953.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020954.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020956.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020962.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.119:C:\RECYCLER\NPROTECT1020869.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.119:C:\RECYCLER\NPROTECT1020872.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.119:C:\RECYCLER\NPROTECT1020876.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.119:C:\RECYCLER\NPROTECT1020877.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.119:C:\RECYCLER\NPROTECT1020878.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.119:C:\RECYCLER\NPROTECT1020879.MOZ -> TrackingCookie.2o7 : Cleaned.
Post by: Lilith on October 20, 2006, 12:29:33 AM
:mozilla.108:C:\RECYCLER\NPROTECT1020860.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020861.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020862.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020863.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020864.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020865.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020866.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020867.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020868.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020873.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020876.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020877.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020878.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020879.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020880.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020881.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020882.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020883.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020884.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020885.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020886.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020942.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020943.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020947.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020952.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020953.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020954.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT1020956.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020850.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020851.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020852.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020853.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020854.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020855.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020856.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020857.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020858.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020859.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020860.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020861.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020862.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020863.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020864.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020865.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020866.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020867.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020868.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020873.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020876.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020877.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020878.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020879.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020880.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020881.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020882.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020883.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020884.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020885.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020886.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020942.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020943.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020947.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020952.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020953.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020954.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT1020956.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020334.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020335.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020336.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020337.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020338.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020339.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020340.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020341.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020342.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020343.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020344.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020345.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020363.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020364.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020365.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020367.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020378.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020380.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020381.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020382.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020383.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020384.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020386.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020387.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020388.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020389.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020390.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020391.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020392.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020414.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020419.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020542.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020887.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020888.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020889.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020891.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020892.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020893.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020936.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020989.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1020994.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1021021.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1021024.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1021025.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1021026.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT1021027.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020850.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020851.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020852.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020853.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020854.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020855.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020856.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020857.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020858.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020859.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020860.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020861.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020862.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020863.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020864.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020865.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020866.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020867.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020868.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020873.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020876.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020877.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020878.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020879.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020880.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020881.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020882.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020883.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020884.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020885.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020886.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020942.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020943.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020947.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020952.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020953.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020954.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT1020956.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020872.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020873.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020876.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020877.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020878.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020879.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020880.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020881.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020882.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020883.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020884.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020885.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020886.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020942.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020943.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020947.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020952.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020953.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020954.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT1020956.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020872.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020873.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020876.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020877.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020878.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020879.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020880.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020881.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020882.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020883.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020884.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020885.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020886.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020942.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020943.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020947.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020952.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020953.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020954.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT1020956.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020869.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020872.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020873.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020876.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020877.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020878.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020879.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020880.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020881.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020882.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020883.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020884.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020885.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020886.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020942.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020943.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020947.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020952.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020953.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020954.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020956.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\RECYCLER\NPROTECT1020962.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020869.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020872.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020873.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020876.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020877.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020878.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020879.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020880.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020881.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020882.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020883.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020884.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020885.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020886.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020942.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020943.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT1020962.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020869.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020872.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020873.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020876.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020877.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020878.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020879.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020880.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020881.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020882.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020883.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020884.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020885.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020886.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020942.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020943.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020947.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020952.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020953.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020954.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020956.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT1020962.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020869.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020872.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020873.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020876.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020877.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020878.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020879.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020880.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020881.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020882.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020883.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020884.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020885.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020886.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020942.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020943.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020947.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020952.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020953.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020954.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020956.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\RECYCLER\NPROTECT1020962.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020869.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020872.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020873.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020876.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020877.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020878.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020879.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020880.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020881.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020882.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020883.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020884.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020885.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020886.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020942.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020943.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020947.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020952.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020953.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020954.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020956.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\RECYCLER\NPROTECT1020962.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020869.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020872.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020876.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020877.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020878.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020879.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020880.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020881.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020882.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020883.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020884.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020885.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020886.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020942.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020943.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020947.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020952.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020953.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020954.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020956.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\RECYCLER\NPROTECT1020962.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.119:C:\RECYCLER\NPROTECT1020869.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.119:C:\RECYCLER\NPROTECT1020872.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.119:C:\RECYCLER\NPROTECT1020876.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.119:C:\RECYCLER\NPROTECT1020877.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.119:C:\RECYCLER\NPROTECT1020878.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.119:C:\RECYCLER\NPROTECT1020879.MOZ -> TrackingCookie.2o7 : Cleaned.
Post by: guestolo on October 20, 2006, 12:29:33 AM
Post by: Lilith on October 20, 2006, 12:32:35 AM
/laugh.gif\' class=\'bbc_emoticon\' alt=\':lol:\' /> :mozilla.511:C:\Documents and Settings\Athena\Application Data\Mozilla\Firefox\Profiles\z6h1hcsa.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.512:C:\Documents and Settings\Athena\Application Data\Mozilla\Firefox\Profiles\z6h1hcsa.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.513:C:\Documents and Settings\Athena\Application Data\Mozilla\Firefox\Profiles\z6h1hcsa.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\WINDOWS\system32\vypqj.exe -> Trojan.Runner.j : Cleaned with backup (quarantined).
C:\WINDOWS\system32vypqj.exe -> Trojan.Runner.j : Cleaned with backup (quarantined).
C:\Program Files\Ygeat\Ytsduo.exe -> Trojan.Small.cy : Cleaned with backup (quarantined).
::Report end
ComboFix log
Athena - 06-10-19 22:14:08.60 Service Pack 2
ComboFix 06.10.19 - Running from: "C:\Documents and Settings\Athena\Desktop\virus removal"
((((((((((((((((((((((((((((((( Files Created from 2006-09-19 to 2006-10-19 ))))))))))))))))))))))))))))))))))
2006-10-19 20:09 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2006-10-19 11:36 45,056 --a------ C:\WINDOWS\system32uaw5wah6a.exe
2006-10-19 11:36 28,672 --a------ C:\WINDOWS\system32drei.exe
2006-10-19 11:36 28,672 --a------ C:\WINDOWS\system32\drei.exe
2006-10-19 09:46 192 --a------ C:\WINDOWS\system32\ggg.bat
2006-10-19 09:45 24,576 --a------ C:\WINDOWS\system32\dr.exe
2006-10-19 09:45 20,480 --a------ C:\WINDOWS\system32\setup9X.exe
2006-10-19 09:45 115,947 --a------ C:\WINDOWS\system32\install.exe
2006-10-18 20:03 147,456 --a------ C:\WINDOWS\system32\vbzip10.dll
2006-09-22 21:52 323,584 --a------ C:\WINDOWS\system32\essentialtoolkit.dll
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-10-19 22:13 -------- d-------- C:\Program Files\Mozilla Firefox
2006-10-19 22:09 -------- d-------- C:\Program Files\Symantec
2006-10-19 22:09 -------- d-------- C:\Program Files\Common Files\Symantec Shared
2006-10-19 22:09 -------- d-------- C:\Program Files\Common Files
2006-10-19 20:09 -------- d-------- C:\Program Files\Grisoft
2006-10-19 16:02 -------- d-------- C:\Program Files\Yahoo!
2006-10-18 23:42 -------- d-------- C:\Documents and Settings\Athena\Application Data\IMVU
2006-10-09 23:16 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-10-09 23:16 -------- d-------- C:\Program Files\GALA-NET
2006-10-09 23:16 -------- d-------- C:\Program Files\Common Files\InstallShield
2006-10-09 20:34 462072 --a------ C:\Documents and Settings\Athena\Application Data\GDIPFONTCACHEV1.DAT
2006-10-07 17:09 -------- d-------- C:\Program Files\IMVU
2006-10-06 23:10 -------- d-------- C:\Program Files\Common Files\DAZ
2006-10-06 12:33 -------- d-------- C:\Documents and Settings\Athena\Application Data\BitTorrent
2006-10-05 13:51 43520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2006-10-05 08:52 -------- d-------- C:\Program Files\Curious Labs
2006-10-05 00:09 -------- d-------- C:\Program Files\MythWar_en
2006-10-04 09:30 -------- d-------- C:\Program Files\Common Files\Microsoft Shared
2006-10-04 09:26 -------- d-------- C:\Program Files\OfficeUpdate11
2006-10-02 13:49 -------- d-------- C:\Program Files\Common Files\LightScribe
2006-10-02 13:48 -------- d-------- C:\Program Files\LightScribe
2006-10-01 23:46 -------- d-------- C:\Documents and Settings\Athena\Application Data\SecondLife
2006-10-01 23:33 -------- d-------- C:\Program Files\SecondLife
2006-10-01 09:08 -------- d-------- C:\Program Files\BitTorrent
2006-10-01 09:01 -------- d---s---- C:\Documents and Settings\Athena\Application Data\Microsoft
2006-10-01 08:14 -------- d-------- C:\Program Files\Microsoft Visual Studio
2006-10-01 08:14 -------- d-------- C:\Program Files\Microsoft ActiveSync
2006-10-01 08:14 -------- d-------- C:\Program Files\Common Files\Designer
2006-10-01 08:13 -------- d-------- C:\Program Files\Microsoft Office
2006-10-01 08:13 -------- d-------- C:\Program Files\Common Files\System
2006-09-30 11:43 -------- d-------- C:\Program Files\western civilisation
2006-09-28 08:49 -------- d-------- C:\Program Files\Common Files\SureThing Shared
2006-09-26 10:05 -------- d-------- C:\Program Files\SureThing
2006-09-24 21:54 -------- d-------- C:\Program Files\Teamspeak2_RC2
2006-09-24 21:54 -------- d-------- C:\Documents and Settings\Athena\Application Data\teamspeak2
2006-09-14 15:33 33792 --a------ C:\WINDOWS\system32\lmmib2.dll
2006-09-14 14:37 -------- d-------- C:\Program Files\Windows Media Player
2006-09-14 14:37 -------- d-------- C:\Program Files\Messenger
2006-09-14 09:32 -------- d-------- C:\Program Files\Adobe
2006-09-12 22:35 -------- d-------- C:\Program Files\WinMX
2006-09-12 22:01 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
2006-09-10 22:06 -------- d-------- C:\Program Files\Silkroad
2006-09-06 20:27 31248 --a------ C:\WINDOWS\system32\drivers\tmpreflt.sys
2006-09-06 20:27 197648 --a------ C:\WINDOWS\system32\drivers\tmxpflt.sys
2006-09-06 20:09 1051456 --a------ C:\WINDOWS\system32\drivers\VsapiNT.sys
2006-09-06 19:21 -------- d-------- C:\Program Files\WIZET
2006-09-06 13:31 -------- d-------- C:\Program Files\Diablo II
2006-09-05 22:48 -------- d-------- C:\Program Files\Microsoft SQL Server
2006-09-05 15:53 -------- d--h----- C:\Program Files\Uninstall Information
2006-09-05 13:00 -------- d-------- C:\Program Files\Common Files\Ahead
2006-09-05 12:59 -------- d-------- C:\Documents and Settings\Athena\Application Data\Ahead
2006-09-05 12:57 -------- d-------- C:\Program Files\Nero
2006-09-04 21:26 -------- d-------- C:\Program Files\Winamp
2006-09-04 21:04 -------- d-------- C:\Program Files\Internet Explorer
2006-09-04 20:17 -------- d-------- C:\Program Files\Western Digital
2006-09-04 11:13 -------- d-------- C:\Program Files\SmartFTP Client 2.0 Setup Files
2006-09-04 11:13 -------- d-------- C:\Program Files\SmartFTP Client 2.0
2006-09-04 11:13 -------- d-------- C:\Documents and Settings\Athena\Application Data\SmartFTP
2006-09-04 10:58 -------- dr-h----- C:\Documents and Settings\Athena\Application Data\yahoo!
2006-09-03 16:19 -------- d-------- C:\Program Files\MSN Messenger
2006-09-02 12:04 -------- d-------- C:\Program Files\Guild Wars
2006-09-01 18:14 -------- d-------- C:\Program Files\Arovax Shield
2006-09-01 18:14 -------- d-------- C:\Program Files\Ares
2006-09-01 17:52 -------- d-------- C:\Program Files\Creative
2006-09-01 17:20 -------- d-------- C:\Program Files\Opera
2006-08-25 08:45 617472 --a------ C:\WINDOWS\system32\comctl32.dll
2006-08-21 05:21 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-08-21 02:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe
2006-08-21 02:14 128896 --a------ C:\WINDOWS\system32\drivers\fltmgr.sys
2006-08-16 04:58 100352 --a------ C:\WINDOWS\system32\6to4svc.dll
2006-07-29 19:32 48936 --a------ C:\WINDOWS\system32\sirenacm.dll
2006-07-28 09:30 62744 --a------ C:\WINDOWS\system32\xinput1_2.dll
2006-07-28 09:30 236824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
2006-07-27 06:24 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-07-21 01:24 72704 --a------ C:\WINDOWS\system32\hlink.dll
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"Yahoo! Pager"="\"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe\" -quiet"
"tbon"="C:\\Program Files\\TBONBin\\tbon.exe /r"
"SpybotSD TeaTimer"="C:\\Program Files\\Spybot - Search & Destroy\\TeaTimer.exe"
"MyVBApp1"=""
"msnmsgr"="\"D:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"Jhoos"="\"C:\\PROGRA~1\\Jhoos\\Jhoos.exe\" -minimize"
"ares"="\"C:\\Program Files\\Ares\\Ares.exe\" -h"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"DVDTray"="\"C:\\Program Files\\HP DVD\\Umbrella\\DVDTray.exe\""
"DVDBitSet"="\"C:\\Program Files\\HP DVD\\Umbrella\\DVDBitSet.exe\" /NOUI"
"WINDVDPatch"="CTHELPER.EXE"
"UpdReg"="C:\\WINDOWS\\UpdReg.EXE"
"Jet Detection"="\"C:\\Program Files\\Creative\\SBLive\\PROGRAM\\ADGJDet.exe\""
"UpdateManager"="\"C:\\Program Files\\Common Files\\Sonic\\Update Manager\\sgtray.exe\" /r"
"SurfAccuracy"="C:\\Program Files\\SurfAccuracy\\SAcc.exe"
"SM1BG"="C:\\WINDOWS\\SM1BG.EXE"
"sfpJk"="\"C:\\WINDOWS\\system32\\ovauma1ep.exe\""
"salm"="c:\\program files\\180searchassistant\\salm.exe"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"q1955tq5"="C:\\WINDOWS\\system32\\q1955tq5.exe"
"pVRV3eP"="C:\\WINDOWS\\system32\\ujtnzbw.exe"
"p2p networking"="p2pnetworking.exe"
"NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
"NAV Agent"="C:\\PROGRA~1\\NORTON~1\\NORTON~1\\navapw32.exe"
"n92t7abr"="C:\\WINDOWS\\system32\\n92t7abr.exe"
"mrspsz"="C:\\WINDOWS\\mrspsz.exe"
"Media Gateway"="C:\\PROGRA~1\\MEDIAG~1\\MEDIAG~1.EXE"
"KernelFaultCheck"="%systemroot%\\system32\\dumprep 0 -k"
"IST Service"="C:\\Program Files\\ISTsvc\\istsvc.exe"
"Ep70DPdC"="C:\\WINDOWS\\bylow.exe"
"Amiqmfz"="c:\\Program Files\\Ygeat\\Ytsduo.exe"
"7a9G"="C:\\WINDOWS\\kesfnyh.exe"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000005
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e4,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e4,02,\
00,00,04,00,00,40
"RestoredStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e4,02,\
00,00,01,00,00,00
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"CDRAutoRun"=dword:00000000
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"CDRAutoRun"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKLM"
"command"=""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Symantec NetDetect.job
Completion time: 06-10-19 22:15:41.29
C:\ComboFix.txt ... 06-10-19 22:15
C:\ComboFix2.txt ... 06-10-19 18:15
Post by: guestolo on October 20, 2006, 01:12:42 AM
Set Windows To Show Hidden Files and Folders
* Click Start.
* Open My Computer.
* Select the Tools menu and click Folder Options.
* Select the View Tab.
* Under the Hidden files and folders heading select Show hidden files and folders.
* Uncheck the Hide protected operating system files (recommended) option.
* Uncheck the Hide Extensions for known file types
* Click Yes to confirm.
* Click OK.
Manually search thru your folders for these files and delete if found
Exact file names and locations please
C:\WINDOWS\system32uaw5wah6a.exe <-file
C:\WINDOWS\system32drei.exe
C:\WINDOWS\system32\drei.exe
C:\WINDOWS\system32\ggg.bat
C:\WINDOWS\system32\dr.exe
C:\WINDOWS\system32\setup9X.exe
C:\WINDOWS\system32\install.exe
C:\WINDOWS\system32\vbzip10.dll
the next ones may not be found, but look for them anyways
C:\WINDOWS\kesfnyh.exe
C:\WINDOWS\bylow.exe
C:\WINDOWS\mrspsz.exe
C:\WINDOWS\system32\n92t7abr.exe
C:\WINDOWS\system32\ujtnzbw.exe
C:\WINDOWS\system32\q1955tq5.exe
C:\WINDOWS\system32\ovauma1ep.exe
Delete the following folders if found
C:\Program Files\TBONBin <-folder
C:\Program Files\Jhoos
C:\Program Files\SurfAccuracy
C:\Program Files\180searchassistant
C:\Program Files\Ygeat
After you have done that you can go back and hide hidden files and folders
* Click Start.
* Open My Computer.
* Select the Tools menu and click Folder Options.
* Select the View Tab.
* Under the Hidden files and folders heading select Do Not Show hidden files and folders.
* Check the Hide protected operating system files (recommended) option.
* Click Yes to confirm.
* Click OK.
Do a "System scan only" with Hijackthis and put a check next to these entries:
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O4 - HKLM\..\Run: [SurfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe
O4 - HKLM\..\Run: [sfpJk] "C:\WINDOWS\system32\ovauma1ep.exe"
O4 - HKLM\..\Run: [salm] c:\program files\180searchassistant\salm.exe
O4 - HKLM\..\Run: [q1955tq5] C:\WINDOWS\system32\q1955tq5.exe
O4 - HKLM\..\Run: [pVRV3eP] C:\WINDOWS\system32\ujtnzbw.exe
O4 - HKLM\..\Run: [p2p networking] p2pnetworking.exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [n92t7abr] C:\WINDOWS\system32\n92t7abr.exe
O4 - HKLM\..\Run: [mrspsz] C:\WINDOWS\mrspsz.exe
O4 - HKLM\..\Run: [Media Gateway] C:\PROGRA~1\MEDIAG~1\MEDIAG~1.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [Ep70DPdC] C:\WINDOWS\bylow.exe
O4 - HKLM\..\Run: [Amiqmfz] c:\Program Files\Ygeat\Ytsduo.exe
O4 - HKLM\..\Run: [7a9G] C:\WINDOWS\kesfnyh.exe
O4 - HKCU\..\Run: [tbon] C:\Program Files\TBONBin\tbon.exe /r
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Jhoos] "C:\PROGRA~1\Jhoos\Jhoos.exe" -minimize
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
After you have ticked the above entries, close All other open windows
Including this one
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis
Reboot your computer
Come back here and post a fresh hijackthis log
Let me know how things are running please
We still have some minor cleanup to do
Could you let me know the following also
I see reference to Spybot in your log, but the program does not look like it's installed
Did you have it installed?
I also seen reference to Norton's AV was installed, did you have it installed
If so, what version was it?
More than one AV installed can cause conflicts, your version didn't look like it got properly uninstalled
Could you also do the following
Go to either of these links
http://virusscan.jotti.org/ (http://\"http://virusscan.jotti.org/\")
OR
http://www.virustotal.com/flash/index_en.html (http://\"http://www.virustotal.com/flash/index_en.html\")
Use the browse button and navigate to the file on your harddrive
C:\WINDOWS\system32\essentialtoolkit.dll <-this file
Right click on the file and choose Select
Then use the Submit button
Let it finish scanning
Could you post back the results of the scan back here please with a new hijackthis log
One last request
Can you create a .bat file for me
Open Notepad (START>>>RUN>>>type in notepad)
Hit OK
Copy the contents of the CODE box, not including the word "code"
Paste it to the empty Notepad file
In Notepad click FILE>>SAVE AS
Change the Save as Type to All Files.
Name the file as Export.bat
Save this file on the desktop
Code: [Select]
regedit /e Export.txt "HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run" Double click on Export.bat, a text file will open, copy>>Paste back here the contents please
I may not see the results till tomorrow
Post by: Lilith on October 20, 2006, 01:26:45 AM
Post by: Lilith on October 20, 2006, 01:34:31 AM
Logfile of HijackThis v1.99.1
Scan saved at 11:32:32 PM, on 10/19/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HP DVD\Umbrella\DVDTray.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\WINDOWS\SM1BG.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\PROGRAM FILES\YAHOO!\MESSENGER\YAHOOMESSENGER.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Colorist\Pantone, Inc\PANTONE® colorist\PANTONE® colorist.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE
C:\PROGRA~1\TRENDM~1\INTERN~1\PCCTLCOM.EXE
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TMPROXY.EXE
C:\WINDOWS\system32\UStorSrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TMPFW.EXE
C:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TSC.EXE
C:\Documents and Settings\Athena\Desktop\virus removal\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gaiaonline.com/forum/viewtopic....&t=17035871 (http://\"http://www.gaiaonline.com/forum/viewtopic.php?page=9288&t=17035871\")
O2 - BHO: Trend Micro Antifraud Toolbar - {06647158-359E-4D10-A8DE-E6145DA90BE9} - C:\PROGRA~1\TRENDM~1\INTERN~1\PccIeBar.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Trend Micro Antifraud Toolbar - {871F91FD-3A92-4988-A842-16AB2CFF5AF1} - C:\PROGRA~1\TRENDM~1\INTERN~1\PccIeBar.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [DVDTray] "C:\Program Files\HP DVD\Umbrella\DVDTray.exe"
O4 - HKLM\..\Run: [DVDBitSet] "C:\Program Files\HP DVD\Umbrella\DVDBitSet.exe" /NOUI
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SM1BG] C:\WINDOWS\SM1BG.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Jhoos] "C:\PROGRA~1\Jhoos\Jhoos.exe" -minimize
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: PANTONE® colorist.lnk = C:\Program Files\Colorist\Pantone, Inc\PANTONE® colorist\PANTONE® colorist.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Athena\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe
Post by: Lilith on October 20, 2006, 01:44:59 AM
AAntiVir 7.2.0.31 10.20.2006 no virus found
Authentium 4.93.8 10.20.2006 no virus found
Avast 4.7.892.0 10.19.2006 no virus found
AVG 386 10.19.2006 no virus found
BitDefender 7.2 10.20.2006 no virus found
CAT-QuickHeal 8.00 10.19.2006 no virus found
ClamAVdevel-20060426 10.20.2006 no virus found
DrWeb4.33 10.20.2006 no virus found
eTrust-InoculateIT23.73.30 10.20.2006 no virus found
eTrust-Vet30.3.3143 10.19.2006 no virus found
Ewido4.0 10.19.2006 no virus found
Fortinet2.82.0.0 10.20.2006 no virus found
F-Prot3.16f 10.20.2006 no virus found
F-Prot44.2.1.29 10.19.2006 no virus found
Ikarus0.2.65.0 10.20.2006 no virus found
Kaspersky4.0.2.24 10.20.2006 no virus found
McAfee4877 10.19.2006 no virus found
Microsoft1.1603 10.19.2006 no virus found
NOD32v21.1817 10.19.2006 no virus found
Norman5.80.02 10.19.2006 no virus found
Panda9.0.0.4 10.19.2006 no virus found
Sophos4.10.0 10.15.2006 no virus found
TheHacker6.0.1.101 10.19.2006 no virus found
UNA1.83 10.19.2006 no virus found
VBA323.11.1 10.19.2006 no virus found
VirusBuster4.3.7:9 10.20.2006 no virus found
Aditional Information File size: 323584 bytesMD5: 08dafc32c86251abfe7f7b0cffa98953SHA1: 5b2b7760f37656f11eaa1bf18ac0c63e1fa12932
Post by: Lilith on October 20, 2006, 01:56:22 AM
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"Yahoo! Pager"="\"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe\" -quiet"
"MyVBApp1"=""
"msnmsgr"="\"D:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"Jhoos"="\"C:\\PROGRA~1\\Jhoos\\Jhoos.exe\" -minimize"
Post by: guestolo on October 20, 2006, 08:20:25 AM
Can you open AVG-Antispyware
Click on the INFECTIONS tab
SELECT ALL>>then choose REMOVE FINALLY
Exit AVG when that is done
Can you do the following
Make a .reg file for me please
Open Notepad (START>>>RUN>>>type in notepad)
Hit OK
Copy the contents of the CODE box, not including the word "code"
Paste it to the empty Notepad file
In Notepad click FILE>>SAVE AS
IMPORTANT>>>Change the Save as Type to All Files.
Name the file as fix.reg
Save this file on the desktop
Ensure to copy from REGEDIT4 and down in the code box
Code: [Select]
REGEDIT4
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MyVBApp1"=-
"Jhoos"=- Close all open windows, including this one
Double click on fix.reg
Allow to add/merge to the registry at the prompt
Reboot your computer
Come back here and post a fresh hijackthis log please
How is everything running?
I would still like to know what version of Norton's AV you had installed, it didn't appear to uninstall properly
eg.. Was it Norton 2004, 2005?
We should try and clear you of it so it won't cause conflicts with Trend Micro's
We still have a final cleanup to do, not to worry, it won't take long
Post by: Lilith on October 20, 2006, 11:48:50 AM
Logfile of HijackThis v1.99.1
Scan saved at 9:47:18 AM, on 10/20/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HP DVD\Umbrella\DVDTray.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\WINDOWS\SM1BG.EXE
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Colorist\Pantone, Inc\PANTONE® colorist\PANTONE® colorist.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PCCTLCOM.EXE
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\WINDOWS\system32\UStorSrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\Documents and Settings\Athena\Desktop\virus removal\HijackThis.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe
C:\WINDOWS\system32\wuauclt.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gaiaonline.com/forum/viewtopic....&t=17035871 (http://\"http://www.gaiaonline.com/forum/viewtopic.php?page=9288&t=17035871\")
O2 - BHO: Trend Micro Antifraud Toolbar - {06647158-359E-4D10-A8DE-E6145DA90BE9} - C:\PROGRA~1\TRENDM~1\INTERN~1\PccIeBar.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Trend Micro Antifraud Toolbar - {871F91FD-3A92-4988-A842-16AB2CFF5AF1} - C:\PROGRA~1\TRENDM~1\INTERN~1\PccIeBar.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [DVDTray] "C:\Program Files\HP DVD\Umbrella\DVDTray.exe"
O4 - HKLM\..\Run: [DVDBitSet] "C:\Program Files\HP DVD\Umbrella\DVDBitSet.exe" /NOUI
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SM1BG] C:\WINDOWS\SM1BG.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: PANTONE® colorist.lnk = C:\Program Files\Colorist\Pantone, Inc\PANTONE® colorist\PANTONE® colorist.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Athena\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe
Post by: Lilith on October 20, 2006, 11:51:51 AM
I also haven't hit any Trend Micro pop ups saying I've been hit with anything.
Post by: guestolo on October 21, 2006, 09:41:07 AM
Go to START>>All Programs>>Accessories>>System Tools>>System Restore
Create a New restore point
Name it and click create
When that's done
I still believe there are remnants of Norton 2002 left behind we should remove
Can you download this utility from Symantec's and save it to your desktop
Rnav2003.exe utility (http://\"ftp://ftp.symantec.com/misc/consumer/Rnav2003.exe\")
Don't let the name fool you, it's for 2003 and earlier
Double click on Ranav2003.exe
Read the prompt than select NO if it asks you to Exit
Select your Version of Norton's you had installed then click OK
At the prompt to uninstall click YES
After the tool is finished it will want to restart your computer, allow it
Back in Windows
Norton's may leave behind scheduled tasks
Go to # Start > Programs > Accessories > System Tools>>Scheduled Tasks.
# Right-click each entry that refers to Norton AntiVirus or Symantec, and then click delete. Click Yes to confirm the deletion
When that's done
Go to START>>RUN>>type the following
cleanmgr
Hit OK
Let if finish calculating
Select the 'More Options' tab
and click Cleanup under System Restore
This will clear all later restore points except for the one you just made
Ok the prompts, it may take a few seconds to remove old restore points
Ok again after it's ready and let it finish cleaning
[indent][color=\"#CC0000\"]Protect yourself against Future Attacks[/color][/i][/b][/indent]
*Install SpywareBlaster 3.5.1 by JavaCool (http://\"http://www.javacoolsoftware.com/spywareblaster.html\")
- *Will block bad ActiveX Controls
*Block Malevolent cookies in Internet Explorer and Firefox
*Restrict actions of potentially dangerous sites in Internet Explorer
After updating, select "Protection" on the Left
Then select "Enable all Protection"
"Check for updates every couple of weeks"
after every update just simply click the "enable protection on all unprotected items"
*Make sure your Anti-Virus software is always kept up to date and actively running in the background
Keeping it set to Autoupdate is a good move
I don't have to mention to have a good firewall in place, I see your running Trend Micro's, you should be secure
Ensure you always keep up to date with the latest High Priority updates from Windows Updates
Update and do scan's with your Anti-Spyware programs on a regular basis
Personally, I would reinstall Spybot 1.4 and also Ad-Aware SE Personal 1.06
They are both great antispyware scanners
Links found HERE (http://\"http://www.thetechguide.com/forum/index.php?showtopic=15894\")
Spybot 1.4>After every update, utilize the Immunization feature
Click Immunization>>OK>>Immunization a the top green cross
You can install Spybot with the default options, this won't initialize the TeaTimer if you don't prefer that option
Optionally, Hold onto AVG AntiSpyware, it will become a limited free version after 30 days of install
But will still update, scan and remove malware after that time
You can go ahead and delete the following files
fix.reg
Combofix.exe
C:\ComboFix.txt
C:\ComboFix2.txt
the following folders
C:\!KillBox
c:\BFU
C:\QooBox
C:\sUBs < if found
Hold onto Hijackthis for a bit, about a week or so, if you find things are still running good
You can access your add/remove programs and remove it
then manually delete Hijackthis.exe and the backup folder it created
If you haven't ran the Disk Defragmenter tool in some time
Now would be a good time, I find it best ran in safe mode
This leaves minimal running on startup
Stay safe
/smile.gif\' class=\'bbc_emoticon\' alt=\':)\' />
Post by: Lilith on October 21, 2006, 02:07:42 PM
Post by: guestolo on October 21, 2006, 02:15:31 PM
It doesn't run in the background, it just sets killbits in the registry
Safe to have on your computer, as mentioned, check for updates every couple of weeks
Post by: Lilith on October 21, 2006, 02:23:06 PM
/laugh.gif\' class=\'bbc_emoticon\' alt=\':lol:\' />
Post by: guestolo on October 21, 2006, 02:25:23 PM
Take care
/smile.gif\' class=\'bbc_emoticon\' alt=\':)\' />